Bug 1420293

Summary: Freeradius does not know Auth-Type = System
Product: Red Hat Enterprise Linux 7 Reporter: Jaroslav Aster <jaster>
Component: freeradiusAssignee: Nikolai Kondrashov <nikolai.kondrashov>
Status: CLOSED ERRATA QA Contact: Jaroslav Aster <jaster>
Severity: medium Docs Contact: Mirek Jahoda <mjahoda>
Priority: medium    
Version: 7.3CC: dpal, pkis
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Deprecated Functionality
Doc Text:
FreeRADIUS no longer accepts "Auth-Type := System" in configuration, for "rlm_unix" authentication module. Instead "unix" should be listed in the "authorize" section.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2017-08-01 20:38:04 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jaroslav Aster 2017-02-08 11:37:24 UTC 
Description of problem:

Freeradius does not know Auth-Type = System. Older version knows it and it is still mentioned in users man page.

# man /usr/share/man/man5/users.5.gz | col -b | grep 'Auth-Type = System'
       DEFAULT   Auth-Type = System

Version-Release number of selected component (if applicable):

freeradius-3.0.12-1.el7_3


How reproducible:

100%


Steps to Reproduce:

1. Edit file /etc/raddb/mods-config/files/authorize.

# cat << EOF >> /etc/raddb/mods-config/files/authorize 
DEFAULT Auth-Type = System
        Fall-Through = 1
EOF

2. Run radiusd.

# radiusd -X
...
...
...
reading pairlist file /etc/raddb/mods-config/files/authorize
/etc/raddb/mods-config/files/authorize[221]: Parse error (check) for entry DEFAULT: Unknown or invalid value "System" for attribute Auth-Type
Failed reading /etc/raddb/mods-config/files/authorize
/etc/raddb/mods-enabled/files[9]: Instantiation failed for module "files"


Actual results:

Radiusd does not start.


Expected results:

Radiusd starts or mention about Auth-Type = System is removed from documentation.
Comment 2 Nikolai Kondrashov 2017-02-16 11:33:18 UTC 
Upstream response to this issue reported on the maillist:
https://lists.freeradius.org/pipermail/freeradius-users/2016-May/083616.html

Perhaps we only need to fix the manpages.
Comment 3 Jaroslav Aster 2017-02-16 11:48:12 UTC 
Hi,

it's up to you. If upstream remove this option, the only way is fix the documentation. My concern is, it should be consistent :-).
Comment 4 Nikolai Kondrashov 2017-02-16 11:53:03 UTC 
Yes, we need to fix the manpages and have some sort of a warning for the users.
Comment 5 Jaroslav Aster 2017-02-16 13:33:58 UTC 
Agreed. Please, fix the man-page and you can add description into doc field. Thanks.
Comment 6 Nikolai Kondrashov 2017-02-22 13:13:56 UTC 
Pull request submitted upstream: https://github.com/FreeRADIUS/freeradius-server/pull/1920
Comment 9 errata-xmlrpc 2017-08-01 20:38:04 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:1954